In The Trenches LogoThe Devolutions Blog Logo
The Front Line Against
IT Chaos & Cyber Threats

Devolutions Gateway Adaptive Connection Modes Explained

Devolutions Gateway Adaptive Connection Modes Explained

Recently, we took a closer look at Devolutions Gateway, which integrates with Devolutions Server and provides authorized just-in-time access to resources in segmented networks. Today, we are going to dive deeper and explain the Devolutions Gateway adaptive connection modes. ​

Regular Connection Flow

​ The regular connection flow uses the Devolutions Gateway to reach a destination server that is normally not directly accessible from the client: ​

  1. Remote Desktop Manager requests a short-lived authorization token from Devolutions Server.
  2. Remote Desktop Manager connects to Devolutions Gateway using the authorization token.
  3. Devolutions Gateway validates the authorization token, then connects to the destination server. ​

Once the connection is established, the Remote Desktop Manager client [A] is connected to the destination server [C] through Devolutions Gateway [B], like this:

A <-> B <-> C

If direct connectivity between A and C is possible, it is not attempted. And if the destination server [C] is not reachable by Devolutions Gateway [B], the connection fails. ​

Attempt Direct Connection

​ While it is recommended to enforce connections through Devolutions Gateway at all times, some customers would rather bypass it when a direct connection is possible, like this: ​

A <-> C

​ A common scenario is to make a direct connection when physically present in the office, and use the Devolutions Gateway to work from home without using a VPN. Here are the steps: ​

In the connection entry properties, under VPN/SSH/Gateway, select Connect if unable to ping/port scan as the Devolutions Gateway connection mode:

dgw_connect_local_bypass.png

Local connection bypass

With this mode, Remote Desktop Manager will connect to Devolutions Gateway if direct connectivity testing (ping, port scan) fails. You can also change the kind of test that is used to determine if the destination server is reachable or online:

dgw_connect_local_check.png

Local connection check

Note: since ping requests are often blocked by the firewall, the port scan may prove to be a more reliable method. ​

Connection Performance

​ It may be tempting to bypass Devolutions Gateway when on the local network, as a way to improve connection performance. This habit is often due to the equivalent Bypass RD Gateway for local addresses option in the Microsoft Remote Desktop Gateway: ​

rdg_bypass_local.png

RD Gateway - Bypass for local addresses

The Devolutions Gateway is significantly faster than the RD Gateway, because it doesn't have the same protocol overhead. The chances are that most users won't notice the difference. However, testing for direct connectivity costs a few seconds every time, which is definitely noticeable. ​

Attempt Alternate Hosts

​ Remote Desktop Manager supports connecting to alternate hosts when the primary host is not reachable, which is a common scenario in high availability deployments with redundant servers. When this feature is used, Devolutions Gateway will attempt connecting, in order, to the list of alternate hosts [D] when the connection to the primary host failed [C], like this: ​

A <-> B <-> D

In the connection entry properties, under Description, select Manual as the alternate host type, and then enter a list of hosts right below: ​

dgw_alternate_hosts_manual.png

Alternate Hosts - Manual

Customers who would rather be prompted to select one host from the list can use the Prompt alternate host type: ​

dgw_alternate_hosts_prompt.png

Alternate Hosts - Prompt

Note: the Allow custom host option is not supported with the Devolutions Gateway since Devolutions Server needs to know the complete list of destination servers before the connection is initiated. ​

Questions or Comments?

​ We hope that you find this information useful. If you have any questions or comment about adaptive connection modes in Devolutions Gateway, or any other aspect/feature of this product, please let us know. You can comment below, or connect with us through our Forum.

Stephanie Gagnon

Hello, I am a Product Marketer here at Devolutions. I have been with our company for several years, and previously I worked in our Translation Department. My role includes creating technical and marketing content for our roster of products, as well as for our website. I also continue to oversee our Translation team. I am passionate about IT, which I studied at college. I am also very interested in cybersecurity, and currently taking college courses in networking and security (the learning never stops!). On a more personal note, I looooooooooooove Legos and my two Coton de Tulear dogs whose names are “Q-Tips” and “Fluffy”.

Follow us by Email

Delivered by FeedBurner

Devolutions is a leading provider of remote connection, password and credential management tools for sysadmins and IT pros.

DEVOLUTIONS.NET | 1000 Notre-Dame, Lavaltrie, QC J5T 1M1, Canada | infos@devolutions.net
All rights reserved © 2022 Devolutions